Colm O hEigeartaigh announced a critical vulnerability affecting various versions of Apache CXF, a widely-used framework for building web services. This issue, documented as CVE-2025-23184, poses a significant risk as it can lead to a Denial of Service (DoS) attack…
Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Microsoft Rolls Out New Administrator Protection Feature Under Windows Security
Microsoft has announced the release of Windows 11 Insider Preview Build 27774 to the Canary Channel. This build comes packed with enhancements, including a significant new feature aimed at bolstering system security—Administrator Protection. The highlight of this update is the…
New Contacto Ransomware Evades AV Detection & Uses Windows Console for Execution
In early January 2025, a new ransomware strain identified as Contacto surfaced, showcasing advanced techniques designed to bypass conventional security measures. This analysis provides insights into its operational mechanisms, particularly suited for professionals venturing into ransomware analysis. Operational Mechanisms Upon…
OWASP Smart Contract Top 10 2025 Released – What’s new!
The Open Web Application Security Project (OWASP) has released its updated Smart Contract Top 10 for 2025, providing essential insights for developers and security teams in the rapidly evolving Web3 environment. This document outlines the most pressing vulnerabilities found in smart contracts,…
Ransomware Attack Forces UK Brit High School to Close Doors For Students
A ransomware attack has compelled UK Brit, a prominent British high school, to close its doors to students for two days, specifically Monday, January 20, and Tuesday, January 21, 2025. This decision follows an incident that occurred on Friday, January…
OpenVPN Easy-rsa Vulnerability Allows Attacker to Bruteforce Private CA key
A significant security vulnerability, designated as CVE-2024-13454, has been discovered in the OpenVPN Easy-RSA tool, specifically affecting versions from 3.0.5 to 3.2.0 that utilize OpenSSL 3. This flaw pertains to the incorrect encryption of password-protected Certificate Authority (CA) private keys…
PoC Exploit Released for TP-Link Code Execution Vulnerability (CVE-2024-54887)
A serious code execution vulnerability in the TP-Link TL-WR940N router, identified as CVE-2024-54887, has become the focus of intense scrutiny following the release of a proof-of-concept (PoC) exploit. This vulnerability allows attackers to execute arbitrary code on the device remotely…
Vim Command Line Text Editor Segmentation Vulnerability Patched
Christian Brabandt, a prominent figure in the Vim community, announced the patching of a medium-severity segmentation fault vulnerability identified as CVE-2025-24014. The vulnerability, discovered in versions of Vim before 9.1.1043, could potentially be exploited during silent Ex mode operations, which are…
Hackers Weaponize npm Packages To Steal Solana Private Keys Via Gmail
Socket’s threat research team has identified a series of malicious npm packages specifically designed to steal private keys from Solana wallets. The implicated packages—@async-mutex/mutex, dexscreener, solana-transaction-toolkit, and solana-stable-web-huks—typosquat on popular libraries, appearing to serve legitimate functions while covertly executing malware.…
Multiple Azure DevOps Vulnerabilities Let Inject CRLF Queries & Rebind DNS
Researchers uncovered several significant vulnerabilities within Azure DevOps, specifically focusing on potential Server-Side Request Forgery (SSRF) weaknesses. The findings highlight the importance of robust security measures in cloud-based development environments. During testing, the researcher aimed to identify any Service Connections…
New IoT Botnet Launching Large-Scale DDoS attacks Hijacking IoT Devices
Large-scale DDoS attack commands sent from an IoT botnet’s C&C server targeting Japan and other countries since late 2024. These commands targeted various companies, which include major Japanese corporations and banks. While a direct link cannot be confirmed, some targeted…
Hackers Weaponize MSI Packages & PNG Files to Deliver Multi-stage Malware
Researchers have reported a series of sophisticated cyber attacks aimed at organizations in Chinese-speaking regions, including Hong Kong, Taiwan, and mainland China. These attacks employ a multi-stage loader known as PNGPlug to deliver a malware payload identified as ValleyRAT. The…
Researchers Used ChatGPT to Discover S3 Bucket Takeover Vulnerability in Red Bull
Bug bounty programs have emerged as a critical avenue for researchers to identify vulnerabilities in digital platforms. One such success story involves a recent discovery made within the Red Bull bug bounty program, where a security researcher utilized ChatGPT to…
ChatGPT Crawler Vulnerability Abused to Trigger Reflexive DDoS Attacks
Security researchers have uncovered a severe vulnerability in OpenAI’s ChatGPT API, allowing attackers to exploit its architecture for launching Reflective Distributed Denial of Service (DDoS) attacks. This loophole, characterized by a high severity CVSS score of 8.6, raises significant concerns…
Apple Confirms Removal of TikTok App US Users
Apple has confirmed that popular apps developed by ByteDance Ltd., including TikTok, will no longer be available for download or updates in the United States. This decision, effective January 19, 2025, comes in response to the Protecting Americans from Foreign…
Threat Actor IntelBroker Allegedly Claiming Breach of Hewlett Packard Enterprise Data
A threat actor known as IntelBroker has taken to a prominent dark web forum to claim a significant data breach at Hewlett Packard Enterprise (HPE). The alleged breach reportedly includes a vast array of sensitive information, raising concerns about the…
FunkSec Ransomware Dominating Ransomware Attacks, Compromised 85 Victims In December
FunkSec is a RaaS operator that makes use of artificial intelligence and demonstrates how threat actor strategies are constantly evolving. The analysis reveals that artificial intelligence has limited sophistication, even though it enables rapid operations scaling and the generation of…
Pumakit – Sophisticated Linux Rootkit That Persist Even After Reboots
Pumakit is a sophisticated rootkit that leverages system call interception to manipulate file and network activity. It ensures persistence through kernel-level embedding that allows for continued operation after reboots. By tampering with logs and employing anti-detection techniques that include disabling…
Massive NBI Data Breach Exposes Millions of Users Records Online
The National Bureau of Investigation (NBI), the Philippines’ top investigative agency, has reportedly been compromised, exposing the sensitive data of millions of Filipinos. A dark web user operating under the pseudonym “Zodiac Killer” has taken responsibility for the attack, claiming…
Researchers Accessed Windows BitLocker Encrypted Files Disassembling the Laptop
Cybersecurity researchers have uncovered a major flaw in the Windows BitLocker encryption system, allowing attackers to access encrypted data without requiring physical disassembly of the target laptop. The exploit, named “bitpixie”, demonstrates how attackers can extract the disk encryption key, bypassing…